diff options
author | netblue30 <netblue30@yahoo.com> | 2016-09-17 09:24:16 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-09-17 09:24:16 -0400 |
commit | 482a38ca66c7b189a0fcc31fd680801a3bf3c893 (patch) | |
tree | f1beb803c011dd58072e815bba43e4dce1c2632d /src/firejail/checkcfg.c | |
parent | Merge branch 'master' of https://github.com/netblue30/firejail (diff) | |
download | firejail-482a38ca66c7b189a0fcc31fd680801a3bf3c893.tar.gz firejail-482a38ca66c7b189a0fcc31fd680801a3bf3c893.tar.zst firejail-482a38ca66c7b189a0fcc31fd680801a3bf3c893.zip |
bug: add support to remove /usr/local from private-bin list, issue 778
Diffstat (limited to 'src/firejail/checkcfg.c')
-rw-r--r-- | src/firejail/checkcfg.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index fdd2b8edd..78c0e5c60 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c | |||
@@ -40,6 +40,7 @@ int checkcfg(int val) { | |||
40 | cfg_val[i] = 1; // most of them are enabled by default | 40 | cfg_val[i] = 1; // most of them are enabled by default |
41 | cfg_val[CFG_RESTRICTED_NETWORK] = 0; // disabled by default | 41 | cfg_val[CFG_RESTRICTED_NETWORK] = 0; // disabled by default |
42 | cfg_val[CFG_FORCE_NONEWPRIVS] = 0; // disabled by default | 42 | cfg_val[CFG_FORCE_NONEWPRIVS] = 0; // disabled by default |
43 | cfg_val[CFG_PRIVATE_BIN_NO_LOCAL] = 0; // disabled by default | ||
43 | 44 | ||
44 | // open configuration file | 45 | // open configuration file |
45 | char *fname; | 46 | char *fname; |
@@ -258,6 +259,14 @@ int checkcfg(int val) { | |||
258 | else | 259 | else |
259 | goto errout; | 260 | goto errout; |
260 | } | 261 | } |
262 | else if (strncmp(ptr, "private-bin-no-local ", 21) == 0) { | ||
263 | if (strcmp(ptr + 21, "yes") == 0) | ||
264 | cfg_val[CFG_PRIVATE_BIN_NO_LOCAL] = 1; | ||
265 | else if (strcmp(ptr + 21, "no") == 0) | ||
266 | cfg_val[CFG_PRIVATE_BIN_NO_LOCAL] = 0; | ||
267 | else | ||
268 | goto errout; | ||
269 | } | ||
261 | else | 270 | else |
262 | goto errout; | 271 | goto errout; |
263 | 272 | ||